Sample code for 30+ languages & platforms
.NET Core C#

Create JCEKS Containing Secret Keys

See more Java KeyStore (JKS) Examples

Demonstrates how to create a JCEKS keystore file containing symmetric secret keys (for AES, Blowfish, HMAC SHA25, ChaCha20, etc.)

This example requires Chilkat v9.5.0.66 or greater.

Chilkat .NET Core C# Downloads

.NET Core C#
bool success = false;

// IMPORTANT: This example requires Chilkat v9.5.0.66 or greater.

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

Chilkat.JavaKeyStore jceks = new Chilkat.JavaKeyStore();

// We'll need a pseudo-random number generator (PRNG) to generate symmetric keys.
Chilkat.Prng prng = new Chilkat.Prng();

// Generate some keys..

// 128-bit AES key (16 bytes)
string aesKey = prng.GenRandom(16,"base64");

// 256-bit Blowfish key (32 bytes)
string blowfishKey = prng.GenRandom(32,"base64");

// HMAC SHA256 key
// (An HMAC key can be anything, and any length. We'll use the following string:
string hmacKey = "This is my HMAC key";

// ChaCha20 256-bit
string chachaKey = prng.GenRandom(32,"base64");

// Add each secret key to the JCEKS
string encoding = "base64";
string password = "secret";
jceks.AddSecretKey(aesKey,encoding,"AES","my aes key",password);
jceks.AddSecretKey(blowfishKey,encoding,"BLOWFISH","my blowfish key",password);
// For HMAC, we're using the us-ascii bytes for the key..
jceks.AddSecretKey(hmacKey,"ascii","HMAC_SHA256","my hmac key",password);
jceks.AddSecretKey(chachaKey,encoding,"CHACHA","my chacha20 key",password);

string filePassword = "password";
// Write the JCEKs to a file.
success = jceks.ToFile(filePassword,"qa_output/secretKeys.jceks");
if (success != true) {
    Debug.WriteLine(jceks.LastErrorText);
    return;
}

// We can also emit as a JWK Set..
Chilkat.StringBuilder sbJson = new Chilkat.StringBuilder();
success = jceks.ToJwkSet("secret",sbJson);
if (success != true) {
    Debug.WriteLine(jceks.LastErrorText);
    return;
}

// Emit the JSON in pretty-printed (indented) form:
Chilkat.JsonObject json = new Chilkat.JsonObject();
json.LoadSb(sbJson);
json.EmitCompact = false;
Debug.WriteLine(json.Emit());

// Output is:

// { 
//   "keys": [
//     { 
//       "kty": "oct",
//       "alg": "AES",
//       "k": "vHekQQB0Gc1NvppapUTW2g",
//       "kid": "my aes key"
//     },
//     { 
//       "kty": "oct",
//       "alg": "BLOWFISH",
//       "k": "qHsdXaJsXicVCZbK8l8hJQpYOa0GkiO9gsRK9WLtht8",
//       "kid": "my blowfish key"
//     },
//     { 
//       "kty": "oct",
//       "alg": "HMAC_SHA256",
//       "k": "VGhpcyBpcyBteSBITUFDIGtleQ",
//       "kid": "my hmac key"
//     },
//     { 
//       "kty": "oct",
//       "alg": "CHACHA",
//       "k": "yNv832U43C9BcWvaQAH2_rG-GwfmpgT5JBRllWGQY1o",
//       "kid": "my chacha20 key"
//     }
//   ]
// }
//